Comments

Knot Mee September 12, 2016 8:04 AM

For some reason, my Seagate wasn’t affected. Yipee! Of course, I don’t do bitcoin, either.

One chronic problem with reports of horrible new exploits is they never tell you what to do to stop it, or figure out whether you have it.

Sophos has a good technical write up on it. Check this registry key for bad things first:

Registry Keys Created:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

If there is anything shakey there, delete it.

Full write up at:

https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Mal~Miner-C/detailed-analysis.aspx

richard richardson September 12, 2016 11:20 AM

I can’t remember where my old seagate went, it’s somewhere 🙂

I mostly use SSDs ever since they became affordable.

albert September 12, 2016 2:23 PM

@keiner,

“The dog are bite’n* my leg.”

Couldn’t resist,

Sorry…

  • are biting
    . .. . .. — ….

Seventy Percent Of Statistics Are Made Up September 12, 2016 2:24 PM

The precision of the 77% statistic seems to be the interesting thing here. Are these drives effectively an always-online botnet that can be measured that accurately, that easily? I think I see a problem…

Tatütata September 12, 2016 4:23 PM

I will generalize from five or six different brands of devices purchased over the last 15 years: all NAS are crap, both hardware and software-wise. 🙁

If you can retail a complete laptop beginning at 100-200$, what the hell is so difficult in packaging a functional microcontroller and a hard disk in a box and sell it at a fair price? Finding people with brains?

Clive Robinson September 12, 2016 5:20 PM

@ Mike The Goat,

How’s the horn? Still tootaling along…

I trust things are well at your end?

Alex September 12, 2016 8:08 PM

I guess I could blame myself for not hovering over the link and seeing one of the links was a PDF, but considering this is “security” site, perhaps a written warning would be a good idea.

AC September 13, 2016 12:08 AM

Alex:

I guess I could blame myself for not hovering over the link and seeing one of the links was a PDF, but considering this is “security” site, perhaps a written warning would be a good idea.

Why do you think the URL text imposes any restriction on content at that URL? If you want a warning before opening PDFs, it is your responsibility to use a browser that provides it.

The alternative is for “security” sites to somehow know your, and everone else’s, preferences.

Alex September 13, 2016 12:23 PM

“The alternative is for “security” sites to somehow know your, and everone else’s, preferences.”

@AC Yes… putting (PDF) next to the link is too much trouble.

AC September 13, 2016 11:16 PM

Alex:

Indicating file type like that is from the days when nearly all users would need to select a specific action (e.g. “Save As”) rather than a normal click. It was for convenience; hopefully those days are long past, for most users.

However, you stated there are security reasons and that such text is a “warning”. What security implications did you have in mind?

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.